Loading core/Makefile +25 −2 Original line number Diff line number Diff line Loading @@ -2083,17 +2083,40 @@ else INTERNAL_DEBUG_BOOTIMAGE_ARGS := $(subst $(INSTALLED_RAMDISK_TARGET),$(INSTALLED_DEBUG_RAMDISK_TARGET), $(INTERNAL_BOOTIMAGE_ARGS)) endif # If boot.img is chained but boot-debug.img is not signed, libavb in bootloader # will fail to find valid AVB metadata from the end of /boot, thus stop booting. # Using a test key to sign boot-debug.img to continue booting with the mismatched # public key, if the device is unlocked. ifneq ($(BOARD_AVB_BOOT_KEY_PATH),) BOARD_AVB_DEBUG_BOOT_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): PRIVATE_AVB_DEBUG_BOOT_SIGNING_ARGS := \ --algorithm SHA256_RSA2048 --key $(BOARD_AVB_DEBUG_BOOT_KEY_PATH) $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): $(AVBTOOL) $(BOARD_AVB_DEBUG_BOOT_KEY_PATH) endif # Depends on original boot.img and ramdisk-debug.img, to build the new boot-debug.img $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INSTALLED_BOOTIMAGE_TARGET) $(INSTALLED_DEBUG_RAMDISK_TARGET) $(call pretty,"Target boot debug image: $@") $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@ $(call assert-max-image-size,$@,$(BOARD_BOOTIMAGE_PARTITION_SIZE)) $(if $(BOARD_AVB_BOOT_KEY_PATH),\ $(call assert-max-image-size,$@,$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))); \ $(AVBTOOL) add_hash_footer \ --image $@ \ --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \ --partition_name boot $(PRIVATE_AVB_DEBUG_BOOT_SIGNING_ARGS), \ $(call assert-max-image-size,$@,$(BOARD_BOOTIMAGE_PARTITION_SIZE))) .PHONY: bootimage_debug-nodeps bootimage_debug-nodeps: $(MKBOOTIMG) echo "make $@: ignoring dependencies" $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(INSTALLED_DEBUG_BOOTIMAGE_TARGET) $(call assert-max-image-size,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(BOARD_BOOTIMAGE_PARTITION_SIZE)) $(if $(BOARD_AVB_BOOT_KEY_PATH),\ $(call assert-max-image-size,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))); \ $(AVBTOOL) add_hash_footer \ --image $(INSTALLED_DEBUG_BOOTIMAGE_TARGET) \ --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \ --partition_name boot $(PRIVATE_AVB_DEBUG_BOOT_SIGNING_ARGS), \ $(call assert-max-image-size,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(BOARD_BOOTIMAGE_PARTITION_SIZE))) endif # TARGET_NO_KERNEL Loading core/build_id.mk +1 −1 Original line number Diff line number Diff line Loading @@ -18,4 +18,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. BUILD_ID=QP1A.190507.002 BUILD_ID=QP1A.190508.001 target/product/gsi/current.txt +0 −1 Original line number Diff line number Diff line Loading @@ -261,7 +261,6 @@ VNDK-core: libstagefright_flacdec.so VNDK-core: libstagefright_foundation.so VNDK-core: libstagefright_omx.so VNDK-core: libstagefright_omx_utils.so VNDK-core: libstagefright_softomx.so VNDK-core: libstagefright_xmlparser.so VNDK-core: libsysutils.so VNDK-core: libtinyalsa.so Loading target/product/media_system.mk +1 −0 Original line number Diff line number Diff line Loading @@ -52,6 +52,7 @@ PRODUCT_PACKAGES += \ libstagefright_soft_vorbisdec \ libstagefright_soft_vpxdec \ libstagefright_soft_vpxenc \ libstagefright_softomx_plugin \ libwebviewchromium_loader \ libwebviewchromium_plat_support \ make_f2fs \ Loading tools/releasetools/sign_target_files_apks.py +26 −3 Original line number Diff line number Diff line Loading @@ -91,12 +91,15 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files Replace the veritykeyid in BOOT/cmdline of input_target_file_zip with keyid of the cert pointed by <path_to_X509_PEM_cert_file>. --avb_{boot,system,system_other,vendor,dtbo,vbmeta}_algorithm <algorithm> --avb_{boot,system,system_other,vendor,dtbo,vbmeta}_key <key> --avb_{boot,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, vbmeta_vendor}_algorithm <algorithm> --avb_{boot,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, vbmeta_vendor}_key <key> Use the specified algorithm (e.g. SHA256_RSA4096) and the key to AVB-sign the specified image. Otherwise it uses the existing values in info dict. --avb_{apex,boot,system,system_other,vendor,dtbo,vbmeta}_extra_args <args> --avb_{apex,boot,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, vbmeta_vendor}_extra_args <args> Specify any additional args that are needed to AVB-sign the image (e.g. "--signing_helper /path/to/helper"). The args will be appended to the existing ones in info dict. Loading Loading @@ -943,6 +946,8 @@ def ReplaceAvbSigningKeys(misc_info): 'system_other' : 'avb_system_other_add_hashtree_footer_args', 'vendor' : 'avb_vendor_add_hashtree_footer_args', 'vbmeta' : 'avb_vbmeta_args', 'vbmeta_system' : 'avb_vbmeta_system_args', 'vbmeta_vendor' : 'avb_vbmeta_vendor_args', } def ReplaceAvbPartitionSigningKey(partition): Loading Loading @@ -1170,6 +1175,18 @@ def main(argv): OPTIONS.avb_algorithms['vendor'] = a elif o == "--avb_vendor_extra_args": OPTIONS.avb_extra_args['vendor'] = a elif o == "--avb_vbmeta_system_key": OPTIONS.avb_keys['vbmeta_system'] = a elif o == "--avb_vbmeta_system_algorithm": OPTIONS.avb_algorithms['vbmeta_system'] = a elif o == "--avb_vbmeta_system_extra_args": OPTIONS.avb_extra_args['vbmeta_system'] = a elif o == "--avb_vbmeta_vendor_key": OPTIONS.avb_keys['vbmeta_vendor'] = a elif o == "--avb_vbmeta_vendor_algorithm": OPTIONS.avb_algorithms['vbmeta_vendor'] = a elif o == "--avb_vbmeta_vendor_extra_args": OPTIONS.avb_extra_args['vbmeta_vendor'] = a elif o == "--avb_apex_extra_args": OPTIONS.avb_extra_args['apex'] = a else: Loading Loading @@ -1209,6 +1226,12 @@ def main(argv): "avb_vendor_algorithm=", "avb_vendor_key=", "avb_vendor_extra_args=", "avb_vbmeta_system_algorithm=", "avb_vbmeta_system_key=", "avb_vbmeta_system_extra_args=", "avb_vbmeta_vendor_algorithm=", "avb_vbmeta_vendor_key=", "avb_vbmeta_vendor_extra_args=", ], extra_option_handler=option_handler) Loading Loading
core/Makefile +25 −2 Original line number Diff line number Diff line Loading @@ -2083,17 +2083,40 @@ else INTERNAL_DEBUG_BOOTIMAGE_ARGS := $(subst $(INSTALLED_RAMDISK_TARGET),$(INSTALLED_DEBUG_RAMDISK_TARGET), $(INTERNAL_BOOTIMAGE_ARGS)) endif # If boot.img is chained but boot-debug.img is not signed, libavb in bootloader # will fail to find valid AVB metadata from the end of /boot, thus stop booting. # Using a test key to sign boot-debug.img to continue booting with the mismatched # public key, if the device is unlocked. ifneq ($(BOARD_AVB_BOOT_KEY_PATH),) BOARD_AVB_DEBUG_BOOT_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): PRIVATE_AVB_DEBUG_BOOT_SIGNING_ARGS := \ --algorithm SHA256_RSA2048 --key $(BOARD_AVB_DEBUG_BOOT_KEY_PATH) $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): $(AVBTOOL) $(BOARD_AVB_DEBUG_BOOT_KEY_PATH) endif # Depends on original boot.img and ramdisk-debug.img, to build the new boot-debug.img $(INSTALLED_DEBUG_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INSTALLED_BOOTIMAGE_TARGET) $(INSTALLED_DEBUG_RAMDISK_TARGET) $(call pretty,"Target boot debug image: $@") $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $@ $(call assert-max-image-size,$@,$(BOARD_BOOTIMAGE_PARTITION_SIZE)) $(if $(BOARD_AVB_BOOT_KEY_PATH),\ $(call assert-max-image-size,$@,$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))); \ $(AVBTOOL) add_hash_footer \ --image $@ \ --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \ --partition_name boot $(PRIVATE_AVB_DEBUG_BOOT_SIGNING_ARGS), \ $(call assert-max-image-size,$@,$(BOARD_BOOTIMAGE_PARTITION_SIZE))) .PHONY: bootimage_debug-nodeps bootimage_debug-nodeps: $(MKBOOTIMG) echo "make $@: ignoring dependencies" $(MKBOOTIMG) $(INTERNAL_DEBUG_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(INSTALLED_DEBUG_BOOTIMAGE_TARGET) $(call assert-max-image-size,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(BOARD_BOOTIMAGE_PARTITION_SIZE)) $(if $(BOARD_AVB_BOOT_KEY_PATH),\ $(call assert-max-image-size,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(call get-hash-image-max-size,$(BOARD_BOOTIMAGE_PARTITION_SIZE))); \ $(AVBTOOL) add_hash_footer \ --image $(INSTALLED_DEBUG_BOOTIMAGE_TARGET) \ --partition_size $(BOARD_BOOTIMAGE_PARTITION_SIZE) \ --partition_name boot $(PRIVATE_AVB_DEBUG_BOOT_SIGNING_ARGS), \ $(call assert-max-image-size,$(INSTALLED_DEBUG_BOOTIMAGE_TARGET),$(BOARD_BOOTIMAGE_PARTITION_SIZE))) endif # TARGET_NO_KERNEL Loading
core/build_id.mk +1 −1 Original line number Diff line number Diff line Loading @@ -18,4 +18,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. BUILD_ID=QP1A.190507.002 BUILD_ID=QP1A.190508.001
target/product/gsi/current.txt +0 −1 Original line number Diff line number Diff line Loading @@ -261,7 +261,6 @@ VNDK-core: libstagefright_flacdec.so VNDK-core: libstagefright_foundation.so VNDK-core: libstagefright_omx.so VNDK-core: libstagefright_omx_utils.so VNDK-core: libstagefright_softomx.so VNDK-core: libstagefright_xmlparser.so VNDK-core: libsysutils.so VNDK-core: libtinyalsa.so Loading
target/product/media_system.mk +1 −0 Original line number Diff line number Diff line Loading @@ -52,6 +52,7 @@ PRODUCT_PACKAGES += \ libstagefright_soft_vorbisdec \ libstagefright_soft_vpxdec \ libstagefright_soft_vpxenc \ libstagefright_softomx_plugin \ libwebviewchromium_loader \ libwebviewchromium_plat_support \ make_f2fs \ Loading
tools/releasetools/sign_target_files_apks.py +26 −3 Original line number Diff line number Diff line Loading @@ -91,12 +91,15 @@ Usage: sign_target_files_apks [flags] input_target_files output_target_files Replace the veritykeyid in BOOT/cmdline of input_target_file_zip with keyid of the cert pointed by <path_to_X509_PEM_cert_file>. --avb_{boot,system,system_other,vendor,dtbo,vbmeta}_algorithm <algorithm> --avb_{boot,system,system_other,vendor,dtbo,vbmeta}_key <key> --avb_{boot,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, vbmeta_vendor}_algorithm <algorithm> --avb_{boot,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, vbmeta_vendor}_key <key> Use the specified algorithm (e.g. SHA256_RSA4096) and the key to AVB-sign the specified image. Otherwise it uses the existing values in info dict. --avb_{apex,boot,system,system_other,vendor,dtbo,vbmeta}_extra_args <args> --avb_{apex,boot,system,system_other,vendor,dtbo,vbmeta,vbmeta_system, vbmeta_vendor}_extra_args <args> Specify any additional args that are needed to AVB-sign the image (e.g. "--signing_helper /path/to/helper"). The args will be appended to the existing ones in info dict. Loading Loading @@ -943,6 +946,8 @@ def ReplaceAvbSigningKeys(misc_info): 'system_other' : 'avb_system_other_add_hashtree_footer_args', 'vendor' : 'avb_vendor_add_hashtree_footer_args', 'vbmeta' : 'avb_vbmeta_args', 'vbmeta_system' : 'avb_vbmeta_system_args', 'vbmeta_vendor' : 'avb_vbmeta_vendor_args', } def ReplaceAvbPartitionSigningKey(partition): Loading Loading @@ -1170,6 +1175,18 @@ def main(argv): OPTIONS.avb_algorithms['vendor'] = a elif o == "--avb_vendor_extra_args": OPTIONS.avb_extra_args['vendor'] = a elif o == "--avb_vbmeta_system_key": OPTIONS.avb_keys['vbmeta_system'] = a elif o == "--avb_vbmeta_system_algorithm": OPTIONS.avb_algorithms['vbmeta_system'] = a elif o == "--avb_vbmeta_system_extra_args": OPTIONS.avb_extra_args['vbmeta_system'] = a elif o == "--avb_vbmeta_vendor_key": OPTIONS.avb_keys['vbmeta_vendor'] = a elif o == "--avb_vbmeta_vendor_algorithm": OPTIONS.avb_algorithms['vbmeta_vendor'] = a elif o == "--avb_vbmeta_vendor_extra_args": OPTIONS.avb_extra_args['vbmeta_vendor'] = a elif o == "--avb_apex_extra_args": OPTIONS.avb_extra_args['apex'] = a else: Loading Loading @@ -1209,6 +1226,12 @@ def main(argv): "avb_vendor_algorithm=", "avb_vendor_key=", "avb_vendor_extra_args=", "avb_vbmeta_system_algorithm=", "avb_vbmeta_system_key=", "avb_vbmeta_system_extra_args=", "avb_vbmeta_vendor_algorithm=", "avb_vbmeta_vendor_key=", "avb_vbmeta_vendor_extra_args=", ], extra_option_handler=option_handler) Loading
